Hi Michael- I discussed the problem with the author of nickle (Keith Packard) in 2011-09 and he determined that there were other places in the code that would trigger the same type of failure at runtime, if presented with certain inputs. The NewStrString instance is most obvious since it happened at startup regardless of input, but fixing it with strncpy is not sufficient to cover the other cases Keith identified (they occur in other routines which cannot be converted to strncpy since they don't use strcpy).
Keith stated his intention to fix the the problems "the right way" and push a new version to Debian, but that has not yet occurred (I'll poke him). In the meantime, I recommend that we do just switch off _FORTIFY_SOURCE for nickle. While I fully agree with the general goodness of _FORTIFY_SOURCE, nickle 2.70 really doesn't work properly with it enabled. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/721636 Title: nickle crashes on amd64 natty To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nickle/+bug/721636/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
